[FUGSPBR] Problema com pf e muitos IPS

[Patrick Tracanelli]

> tabelas???
> 
> Até onde eu sei, IPFW usa regras sequenciais numeradas para verificacao, 
> de que tabela voce tá falando?

Da página de manual:

table(number[,value])
         Matches any IP address for which an entry exists in the lookup
         table number.  If an optional 32-bit unsigned value is also pec-
         ified, an entry will match only if it has this value.  See the
         LOOKUP TABLES section below for more information on lookup
         tables.

LOOKUP TABLES
Lookup tables are useful to handle large sparse address sets, typically
from a hundred to several thousands of entries.  There could be 128 dif-
ferent lookup tables, numbered 0 to 127.

Each entry is represented by an addr[/masklen] and will match all
addresses with base addr (specified as a dotted quad or a hostname) and
mask width of masklen bits.  If masklen is not specified, it defaults to
32.  When looking up an IP address in a table, the most specific entry
will match.  Associated with each entry is a 32-bit unsigned value, which
can optionally be checked by a rule matching code.  When adding an entry,
if value is not specified, it defaults to 0.

An entry can be added to a table (add), removed from a table (delete), a
table can be examined (list) or flushed (flush).

Internally, each table is stored in a Radix tree, the same way as the
routing table (see route(4)).

-- 
Atenciosamente,

Patrick Tracanelli

FreeBSD Brasil LTDA.
The FreeBSD pt_BR Documentation Project
http://www.freebsdbrasil.com.br
patrick @ freebsdbrasil.com.br
"Long live Hanin Elias, Kim Deal!"

_______________________________________________________________
Para enviar um novo email para a lista: fugspbr em fugspbr.org
Sair da Lista: http://lists.fugspbr.org/listinfo.cgi
Historico: http://www4.fugspbr.org/lista/html/FUG-BR/